Hello, in our application I us an application specific user-database for authentication and I can also authenticate users with their Active Directory credential (SPNEGO or username/password). Now we want to switch to Keycloak, but we can only use either a custom user-database provider or an Active Directory federation provider in a realm. SPNEGO works fine, but form-based login doesn't. Only the first federation provider is called. Maybe because login name for both providers is the same, even though neither userbase is imported. How can I authenticate a user with a second federation provider with same login name, after authentication with first provider fails. (Or do I even have to think in a completely different direction ?) Thanks in advance for any suggestions. Best regards, Gerhard Jansen